8.1.1 The Instance-Specific Configuration Entry

In 11g Release 1 (11.1.1), configuration information for an Oracle Internet Directory instance resides in an instance-specific configuration entry, which has a DN of the form

cn=componentname,cn=osdldapd,cn=subconfigsubentry

where componentname is the name of a Oracle Fusion Middleware system component of Type=OID, for example, oid2. You do not manually create an instance-specific configuration entry. Instead, you create a Oracle Fusion Middleware system component of Type=OID. Creating the Oracle Internet Directory component automatically generates an instance-specific configuration entry.

Figure 8-1 shows the configuration entries for two Oracle Internet Directory components in the DIT. The DNs for the instance-specific configuration entries are:

8.1.2 Creating the First Oracle Internet Directory Instance

When you install Oracle Internet Directory on a host computer, Oracle Identity Management 11g Installer creates an Oracle Fusion Middleware system component of Type=OID in a new or existing Oracle instance (ASINST). The Oracle Internet Directory component contains an OIDMON process and an Oracle Internet Directory instance (inst=1). The Oracle Internet Directory instance consists of a dispatcher process and one or more OIDLDAPD processes. The component name for the first Oracle Internet Directory component is usually oid1 and the Oracle instance name is chosen during the installation, usually asinst_1.

Oracle Identity Management 11g Installer creates the following instance-specific configuration entry for this component during installation:

cn=oid1,cn=osdldapd,cn=subconfigsubentry

In addition, Oracle Identity Management 11g Installer creates some file system directories under the Oracle instance directory. Some of the pathnames it creates are are specific to the component name. For example, the pathnames under your Oracle instance on UNIX or Linux include:

If you selected Create New Domain or Extend Existing Domain during installation, the Oracle Internet Directory component is registered with a WebLogic domain. If you selected Configure Without a Domain during installation, the Oracle Internet Directory component is not registered with a domain. You can register it later from the command line. Registering with a domain in this case is optional.

Note:

Oracle Internet Directory is frequently configured in a cluster where instances on different hosts are all connected to the same Oracle Database. Oracle Identity Management 11g Installer detects that other OID components are using the same Oracle Database and increments the component name for the new component by 1. That is, successive installations in the cluster will have the component names oid2, oid3, and so forth.

8.1.3 Creating Additional Oracle Internet Directory Instances

The recommended way to add another Oracle Internet Directory instance is to add an additional system component of Type=OID in the Oracle instance.

To do this, you use opmnctlcreatecomponent, specifying the component type Type=OID, the component name for the new component, and the instance name of the Oracle instance. This new Oracle Internet Directory component consists of an OIDMON process, an OIDLDAPD dispatcher process, and one or more OIDLDAPD server processes. For example, see ias_component=oid2 at the bottom of Figure 8-2.

Figure 8-2 Oracle Internet Directory Process Control

You use an OPMN command, opmnctlcreatecomponent, to create a new instance-specific configuration entry in the DIT. If the new component name is oid2, the new entry looks like this:

cn=oid2,cn=osdldapd,cn=subconfigsubentry

You can change the values of attributes in this entry to customize the instance.

The opmnctl command also creates additional pathnames in the filesystem under the ORACLE_INSTANCE directory for the Oracle instance asinst_1. If the new component name is oid2, the pathnames include:

You can use opmnctl process control commands to manage the components oid1 and oid2 individually. You can register the new Oracle Internet Directory instance with the WebLogic domain, either at creation time or later.

Note:

You can use oidctl to create an instance if you are running Oracle Internet Directory as a standalone server, not part of a WebLogic domain. When you create an instance with oidctl, you must use oidctl to stop and start the instance. An Oracle Internet Directory instance created with oidctl cannot be registered with a WebLogic server, so you cannot use Oracle Enterprise Manager Fusion Middleware Control to manage the instance. See Appendix B, "Managing Oracle Internet Directory Instances by Using OIDCTL."

8.1.4 Registering an Oracle Instance or Component with the WebLogic Server

If you want to manage an Oracle Internet Directory component with Oracle Enterprise Manager Fusion Middleware Control, you must register the component and the Oracle instance that contains it with a WebLogic domain. You can register an Oracle instance with a WebLogic domain during installation or Oracle instance creation, but you are not required to do so. If an Oracle instance was not previously registered with a WebLogic domain, you can register it by using opmnctl registerinstance.

If the Oracle instance is already registered, and you are adding a new Oracle Internet Directory system component to the Oracle instance, opmnctl automatically registers the component as part of that Oracle instance.

8.3.1 Creating an Oracle Internet Directory Component by Using opmnctl

You create an Oracle Internet Directory system component in an Oracle instance by using opmnctl createcomponent. This command automatically registers the component with a WebLogic domain at the time you create the component, as long as the instance is in a registered state. The syntax is:

The DBHostName:Port:DBSvcName argument to the -DB_info parameter must be the same as that provided during installation. If it is not, the command will fail. You can find this value in the file ORACLE_INSTANCE/config/tnsnames_copy.ora.

If the Oracle Database is based on Real Application Clusters, the argument to the -DB_info parameter is of the form:

DBHostName1:Port1^DBHostName2:Port2@DBSvcName

The opmnctl command prompts for the WebLogic administrator's user name if you do not supply it. It also prompts for the passwords if you do not supply password file names on the command line. The opmnctl command also uses available ports if you do not specify -Port or -Sport, as described in Section 3.1.3, "Oracle Internet Directory Ports."

8.3.2 Registering an Oracle Instance by Using opmnctl

During an Oracle Internet Directory installation, Oracle Identity Management 11g Installer requests domain information. If you choose Configure Without a Domain, your Oracle Internet Directory instance is not registered with a WebLogic domain. After the installation is complete, you can choose to register an Oracle instance and all the components in that Oracle instance by using opmnctlregisterinstance. The syntax is:

The default administrative port on the WebLogic Administration Server is 7001.

8.3.3 Unregistering an Oracle Instance by Using opmnctl

If you registered an Oracle instance with a WebLogic domain during installation, you can unregister it after the install is complete. You might want to do this if you decide to use Oracle Internet Directory in standalone mode. (In standalone mode, you cannot use Fusion Middleware Control or wlst to manage Oracle Internet Directory.)

To unregister an Oracle instance and all the components in that Oracle instance, you use opmnctlunregisterinstance. The syntax is:

The default administrative port on the WebLogic Administration Server is 7001.

8.3.4 Updating the Component Registration of an Oracle Instance by Using opmnctl

You must update the registration of an Oracle Internet Directory component in a registered Oracle instance whenever you change any of the configuration attributes in Table 8-1. If you do not update the component registration, you will be unable to use Fusion Middleware Control or wlst to manage that component.

8.3.7 Starting the Oracle Internet Directory Server by Using opmnctl

The component name of the first Oracle Internet Directory component is oid1.

To start the first Oracle Internet Directory instance, type:

opmnctl startproc ias-component=oid1

To start all Oracle Internet Directory instances, type

opmnctl startproc process-type=OID

To start all components, type

opmnctl startall

8.3.8 Stopping the Oracle Internet Directory Server by Using opmnctl

To stop the first Oracle Internet Directory server component, type:

opmnctl stopproc ias-component=oid1

To stop all Oracle Internet Directory instances, type

opmnctl stopproc process-type=OID

To stop all components, type

opmnctl stopall

8.3.9 Restarting the Oracle Internet Directory Server by Using opmnctl

To restart the first Oracle Internet Directory instance, type:

opmnctl restartproc ias-component=oid1

To restart all Oracle Internet Directory instances, type

opmnctl restartproc process-type=OID

8.3.10 Changing the Oracle Database Information in opmn.xml

By default, ORACLE_INSTANCE/config/OPMN/opmn/opmn.xml contains an XML snippet that opmnctl uses when it attempts to start the default Oracle Internet Directory LDAP server instance. Occasionally, you might need to edit the opmn.xml file. For example, if you change the Oracle Database instance in ORACLE_INSTANCE/config/tnsnames.ora, you must add the Oracle Database DB_CONNECT_STR to ORACLE_INSTANCE/config/OPMN/opmn/opmn.xml. You can use a text editor to edit opmn.xml.

8.4 Starting an Instance of the Replication Server by Using OIDCTL

To configure an instance of Oracle Internet Directory Replication Server, use the oidctl start command with server=oidrepld. Best practice is to create a separate instance of Oracle Internet Directory to use for replication.